Do you youself understand what you’re talking about?
I am by no means an expert in this area. But I have some understanding of how things work.
What do you mean by “focus on those ports”? What are “more expensive/slower scans”?
There are many different levels of scans you can do on ports - the first and simplest is just trying to connect to see if the port is open. But that only tells you if the port is open. You then need to try and figure out what service is running on the port which is done by trying to communicating with it and seeing what it replys with. E.g. sending a http request to see if a http server is listing, or trying to start a tls connection for https). Once you know what service is running you can make additional queries to try and figureout what version it is running which can tell you what vulnerabilities it is exposed to. Each of these might need a different connection, and you might need to cycle through many different queries to get a response from the server - all of that is far more expensive than just checking to see if the port is open.
So you generally want to preform a quick scan of open ports, then follow up on a deeper scan of those ports to gather more information about what is running on the port. Nmap, the tool generally used for this, has these different modes you can tell it to scan in and is able to do simple TCP connection scans, or more detail scans for detecting the service an OS (and their versions) as well.
not every port gets reported to be open but only some of them
That was a hypothetical, not having read whatever article you are talking about. But I would assume that a eBPF tool that fakes open ports would do so to pretend a large number of ports are open at least. Though that is just speculation on my part.
me? or an attacker? he could work with any ports he wishes
Your brain is not rigid though - it can collect fluids and swell a tiny bit. Which essentially increases pressure inside it and if happens too much can be fatal. But that means you can squish a little bit more into without replacing mass - at least for a little while. Bones also regrow constantly, and with genital pressure and a lot of time you can reshape them.
I always assume that the microplastic is replacing body mass.
I dont think this is a valid assumption to make. I would see it more as your body working around the microplastics to do what it needs to do as best it can it does not have some limit as to the amount of mass it can use at any one point.
bcachefs is meant to be more reliable than btrfs - which has had issues with since it was released (especially in the early days). Though bcachefs has yet to be proven at scale that it can beat btrfs at that.
Bcachefs also supports more features I believe - like encryption. No need for an extra layer below the filesystem to get the benefits of encryption. Much like compression that also happens on both btrfs and bcachefs.
Btrfs also has issues with certain raid configurations, I don't think it yet has support for raid 5/6 like setup and it has promised that for - um, well maybe a decade already? and I still have not heard any signs of it making any progress on that front. Though bcachefs also still has this on their wishlist - but I see more hope for them getting it before btrfs which seems to have given up on that feature.
Bcachefs also claims to have a cleaner codebase than btrfs.
Though bcachefs is still very new so we will see how true some of its claims will end up being. But if true it does seem like the more interesting filesystem overall.
From an attacker perspective you would do a quick scan to find open ports, then focus on those ports with more expensive/slower scans to find out what is running on those ports. If everything reports open then what ports do you focus on first? So not so much that actually open ports are less interesting, but that actually open ports are harder to find among all the ports.
What extra information could you gather? Note I assume we are talking about a fake open port here, not an active service listening on a port that can communicate with the attacker. That could be done without eBPF though - so what advantage would eBPF have here?
And I assume this is more on the level of responding to pings than creating full connections? At which point you are only dealing with a single packet from the sender. So what value does responding give you here?
This logic is flawed. If you stand on some scales and pick up a credit card, the scale will measure you are one credit card heavier. You don't get lighter by adding mass (at least when that mass is also denser then air). And what evidence is there that this plastic in our bodies is additional mass or replaced mass? That is the assumption your logic is based on.
Would it even need to pretend it is open? If it can fake a port being open then it can tell when a close port is being pinged. So can outright block connections from those IPs without ever pretending it is open?
The wrote and released VS Code - a completely opensource development environment. If they wanted to patch Grub I bet they could have found the permissions internally to do that. Microsoft is a lot more open to OSS contributions then they were in the past.
For me, I like the idea of a tiling window manager with batteries included. Been using tiling window mangers for ages now and cannot go back to floating window management. But all the tiling window managers are bare bones and configure everything you want from the ground up. Which I am not a huge fan of these days. I want something to work out the box with first party full tiling support (not just dragging windows to the side) but without needing 100s of lines of config to get a half decent setup.
There are basically two different versions of Cosmic. The current one which is basically just an extension for Gnome. This is what has shipped with PopOS and currently still done.
But system76 had a vision for what they wanted and they did not feel building that as an extension was sustainable long term. They had a bunch of stability issues (ie gnome breaking things in newer versions they were using). So they decided to write a new desktop environment from scratch in rust that they had full control over.
I believe that the new Cosmic sits somewhere in between KDE and Gnome in terms of customization - or at least what they are aiming for. No where near the level of settings as KDE but not trying to remove every option like Gnome.
And being a new project written from scratch it is forward focused - and only support wayland.
This always makes me wince. I don't think high uptimes should be celebrated. Has your kernel ever been patched or the services running restarted? Just installing the updates is not enough to secure your system you need to be running that new code as well.
Also, I get very nervous about touching those systems. You have no clue what state it is in. I have seen far too many large uptime server have their power go some day and are never able to boot again or don't boot all the services back up as someone forgot to enable the service.
Nop, rather see them rebooted regularly at a non critical time so we know they will come back up. Or even better have a HA setup.
Given that I update daily, I feel that the quick connection to the server to test it’s bandwidth at boot is rather insignificant.
But it is not just a quick connection. Speed tests, in order to be accurate, need to download a reasonable amount from each server. This is why:
it takes quite a while to sort through 200 mirrors.
Have there been any credible studies that have looked at the reliability of the mirrors? The reliability would give one an idea on how often they should refresh their mirrors.
You dont need one. If a mirror becomes unreliable then you can run reflector again to fix the issue. There is no need to constantly run it. And you dont need to be on the absolute fastest mirror every day. You will never notice the difference between the fastest one yesterday and the fastest one today - assuming there are no major problems with it. And if there are that is when you run reflector again.
And reflector already comes with a weekly timer and service that is plenty often enough.
And other browsers can be configured to do the same. Though that is not ublock origin doing anything with the cookies and these settings can be enabled wtihout ublock (though you likely want ublock if you are enabling them).
I don't think it does anything with cookies directly. It just blocks connections to domains and removes elements from pages that match patterns you give it. Removing the cookies/privacy banners does just that - removes the banner. This SHOULD opt you out of tracking as the laws generally require explicit permission, so not clicking the accept button should be enough. But if the sites follow those laws or not is a completely different matter.
Third party tracking cookies are normally blocked by their domain - when a tracking pixel is on the screen it reaches out to a known tracking domain which logs this visit and drops a cookie for that domain on the page. By blocking that domain the tracking request is never made and thus no cookie is dropped and so there is nothing to track you. Most tracking is done like this so it is quite effective. But it wont stop a first party cookie from being dropped or tracking done through that or any other data you send.
Note that the laws don't require permission for all cookies. Ones that are essential to the sites function (like a cookie that carries login info) are typically allowed and cannot be opted out of (you can always delete cookies locally though, the laws just cover what sites can use). And not all sites will respect these laws or try to skirt around them so none of this is 100% perfect by any means.
You also don't celebrate when you are near to the finish line. The number of videos of athletes starting to celebrate near the finish line and then getting passed by the guy in second is just astonishing.
I don't see why this would help. More likely there are two different teams/people working on either side separately from each other. I bet the windows work involves a lot more work on Microsoft's or the chip manufacturer's side than valves.
I am by no means an expert in this area. But I have some understanding of how things work.
There are many different levels of scans you can do on ports - the first and simplest is just trying to connect to see if the port is open. But that only tells you if the port is open. You then need to try and figure out what service is running on the port which is done by trying to communicating with it and seeing what it replys with. E.g. sending a http request to see if a http server is listing, or trying to start a tls connection for https). Once you know what service is running you can make additional queries to try and figureout what version it is running which can tell you what vulnerabilities it is exposed to. Each of these might need a different connection, and you might need to cycle through many different queries to get a response from the server - all of that is far more expensive than just checking to see if the port is open.
So you generally want to preform a quick scan of open ports, then follow up on a deeper scan of those ports to gather more information about what is running on the port. Nmap, the tool generally used for this, has these different modes you can tell it to scan in and is able to do simple TCP connection scans, or more detail scans for detecting the service an OS (and their versions) as well.
That was a hypothetical, not having read whatever article you are talking about. But I would assume that a eBPF tool that fakes open ports would do so to pretend a large number of ports are open at least. Though that is just speculation on my part.
That is from an attackers perspective.